<?PHP
session_cache_limiter('private, must-revalidate');
session_start();

//restrict page access
if(!isset($_SESSION['user']) || $_SESSION['role'] != 2)
  {
    header('Location:index.php');
    exit;
  }

include("std_dbs.php");

// get a list of movies
$query = "SELECT MOVID, MOVTITLE, SUBMITTERID, MOVDESC, MOVYEAR, MOVBUDGET, MOVRUNTIME, DATEADDED, PENDSTATUS, DATEACCEPTED, IMGCOVER, TRAILER FROM MOVIES 
ORDER BY MOVTITLE ASC";

$stid = oci_parse($connect, $query);
if($stid == false)
  {
    $e = oci_error($connect);
    echo "ERROR: error parsing query to get the list of pending movies <br />";
    echo "MSG: ".$e['message']."<br />";
    exit;
  }

$ret = oci_execute($stid);
if($ret == false)
  {
    $e = oci_error($stid);
    echo "ERROR: error executing query to get the list of pending movies <br />";
    echo "MSG: ".$e['message']."<br />";
    exit;
  }

echo "<table width='90%'>";
echo "<tr>";
echo "<th>Movie ID</th>";
echo "<th>Title</th>";
echo "<th>Submitter Name</th>";
echo "<th>Status</th>";
echo "<th>Date Added</th>";
echo "<th>Date Accepted</th>";
echo "<th>View Details</th>";
echo "</tr>";
while(($row = oci_fetch_array($stid, OCI_ASSOC)))
  {
    // get the submitter's username from the submitterid
    $subQuery = "SELECT USERNAME FROM USERS WHERE USERID = ".$row['SUBMITTERID'];
    $subStid = oci_parse($connect, $subQuery);
    if($subQuery == false)
      {
	$submitter = "PARSE ERROR";
      }
    $ret = oci_execute($subStid);
    if($ret == false)
      {
	$submitter = "EXEC ERROR";
      }

    $subRow = oci_fetch_array($subStid);
    $submitter = $subRow['USERNAME'];

    // add row to the table
    echo "<tr>";
    echo "<td>".$row['MOVID']."</td>";
    echo "<td>".$row['MOVTITLE']."</td>";
    echo "<td>".$submitter."</td>";

    if($row['PENDSTATUS']==0)
        echo "<td>Active</td>";    
    else if($row['PENDSTATUS']==1)
        echo "<td>Pending</td>";
    else if($row['PENDSTATUS']==3)
        echo "<td>Removed</td>";
    else
        echo "<td>Unknown</td>";

    $button = "<INPUT TYPE='image' SRC='content/covers/" . $row['IMGCOVER'] ."' HEIGHT='100' WIDTH='75' BORDER='0' ALT='IMGCOVER'>";
//Original button: <input type='submit' name='details' value='Details'/>

    echo "<td>".$row['DATEADDED']."</td>";
    echo "<td>".$row['DATEACCEPTED']."</td>";
    echo "<td style='text-align:center'><form method='GET' action='admin_movie_details.php'>
$button
<input type='hidden' name='movid' value='".$row['MOVID']."' />
</form></td>";
    echo "</tr>";
  }
echo "</table>";
?>
